The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote malicious users to have an unspecified impact by leveraging an interpretation conflict involving account/power-mode-logout and certain other files. NOTE: it is possible that only clients, not the Plesk product, could be affected by this issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
parallels parallels_plesk_panel 10.2.0_build1011110331.18 |